这个病毒怎么也杀不掉！在安全模式下也不行……冰刃好像也查不出来，哪位大大帮忙看看可以吗？谢谢了！

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [(Verified)Microsoft Corporation]
    <DAEMON Tools><"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033>  [(Verified)DAEMON Tools Code Signing Services]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)]
    <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)]
    <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
    <MINI_BFYY><C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe>  [深圳市三代科技开发有限公司]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <Mysee Alert><"C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe" -notray>  [Beijing Gaov Inc.]
    <ThunderMini><C:\Program Files\Thunder Network\ThunderMini\ThunderMiniShell.exe>  []
    <UserFaultCheck><%systemroot%\system32\dumprep 0 -u>  [N/A]
    <SoundMax><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <SunJavaUpdateSched><"C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe">  [Sun Microsystems, Inc.]
    <Logitech Hardware Abstraction Layer><KHALMNPR.EXE>  [Logitech Inc.]
    <CertificateRegistration><SafeSignCertReg.exe>  [A.E.T. Europe B.V.]
    <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [N/A]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [N/A]
    <ep2k_certd><C:\Program Files\ngsrv\ep2k_certd.exe -r>  []
    <ssMgr_ccb><C:\Program Files\StarSec\ssMgr_ccb.exe -r>  []
    <UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe">  []
    <NVDispDrv><C:\WINDOWS\NVDispDrv.exe>  []
    <WinSysM><C:\WINDOWS\IGM.exe>  []
    <DiskMan32><C:\WINDOWS\DiskMan32.exe>  []
    <Kvsc3><C:\WINDOWS\Kvsc3.exe>  []
    <MsIMMs32><C:\WINDOWS\MsIMMs32.exe>  []
    <DbgHlp32><C:\WINDOWS\DbgHlp32.exe>  []
    <mppds><C:\WINDOWS\mppds.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <MSDEG32><LYLoader.exe>  []
    <MSDWG32><LYLoadbr.exe>  [N/A]
    <MSDCG32    ><LYLeador.exe>  [N/A]
    <MSDOG32><LYLoador.exe>  [N/A]
    <MSDSG32><LYLoadar.exe>  [N/A]
    <MSDMG32><LYLoadmr.exe>  []
    <MSDHG32><LYLoadhr.exe>  [N/A]
    <MSDQG32><LYLoadqr.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\UserInit.exe,>  [(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
    <{A6011F8F-A7F8-49AA-9ADA-49127D43138F}><C:\Program Files\Common Files\Microsoft Shared\MSINFO\NewInfo.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdnup.exe]
    <IFEO[cdnup.exe]><C:\WINDOWS\system32\rundll32.exe>  [N/A]

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon; .NET CLR 1.1.4322; .NET CLR 2.0.50727)

启动文件夹
[Adobe Reader Speed Launch]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Logitech SetPoint]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Logitech SetPoint.lnk --> C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [Logitech Inc.]><N>
[TabUserW.exe]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\TabUserW.exe.lnk --> C:\WINDOWS\system32\WTablet\TabUserW.exe [Wacom Technology, Corp.]><N>
[腾讯QQ]
  <C:\Documents and Settings\Gloria\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\qq\QQ.exe [TENCENT]><N>

==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[E2F2B9DC / E2F2B9DC][Stopped/Auto Start]
  <C:\WINDOWS\system32\63004442.EXE -k><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Win32 Debug Service / MSDebugsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\\rundll32.exe msdebug.dll,input><Microsoft Corporation>
[ngSlotDaemon / ngSlotD][Running/Auto Start]
  <C:\Program Files\ngsrv\ngslotd.exe><^_^>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[OracleMTSRecoveryService / OracleMTSRecoveryService][Running/Auto Start]
  <F:\oracle\ora92\bin\omtsreco.exe "OracleMTSRecoveryService"><Oracle Corporation>
[OracleOraHome92PagingServer / OracleOraHome92PagingServer][Stopped/Manual Start]
  <F:\oracle\ora92/bin/pagntsrv.exe><N/A>
[PlugServerD / PlugServer][Running/Auto Start]
  <C:\Program Files\StarSec\PlugServer.exe><GDChina>
[PM5 Drivers Auto Removal (pr2al72b) / pr2al72b][Stopped/Auto Start]
  <C:\WINDOWS\system32\pr2al72b.exe svc><T-Time Technology>
[Rising Proxy  Service / RfwProxySrv][Stopped/Manual Start]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <c:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[DNS SystemServices / RpcSs32][Stopped/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k RpcSs32-->c:\windows\system32\sql32.dll><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Running/Auto Start]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[StarWind iSCSI Service / StarWindService][Running/Auto Start]
  <D:\常用程序\Alcohol\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
[TabletService / TabletService][Running/Auto Start]
  <C:\WINDOWS\system32\Tablet.exe><Wacom Technology, Corp.>
[Std xwsq Service / xwsq][Running/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\srui\cbev.dll,Service -s><Microsoft Corporation>

==================================
驱动程序
[abhcop / abhcop][Stopped/System Start]
  <system32\drivers\abhcop.sys><N/A>
[acpidisk / acpidisk][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[aeaudio / aeaudio][Running/Manual Start]
  <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cdntran / cdntran][Stopped/Disabled]
  <system32\drivers\cdntran.sys><N/A>
[cnprov / cnprov][Running/Boot Start]
  <\SystemRoot\system32\drivers\cnprov.sys><中国互联网络信息中心(CNNIC)>
[ExpScaner / ExpScaner][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[D-Link DFE-530TX PCI Fast Ethernet Adapter Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\dlkfet5b.sys><D-Link>
[usb Card Device / ft2kEnum][Running/Manual Start]
  <system32\DRIVERS\ic2kenum.sys><OEM Corporation>
[USB Chip Holder Service / GDBaseSmc][Running/Manual Start]
  <system32\DRIVERS\Chip_smc.sys><OEM>
[USB Chip Service / GD_USB][Stopped/Manual Start]
  <system32\DRIVERS\Chip_usb.sys><>
[Grand Tech GT680x NT / GT680x][Stopped/Manual Start]
  <system32\DRIVERS\GT680x.SYS><N/A>
[hcalway / hcalway][Stopped/System Start]
  <system32\DRIVERS\hcalway.sys><N/A>
[HookCont / HookCont][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising>
[HookReg / HookReg][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[IEEE-1284.4 Driver HPZid412 / HPZid412][Running/Manual Start]
  <system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Running/Manual Start]
  <system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Running/Manual Start]
  <system32\DRIVERS\HPZius12.sys><HP>
[Logitech SetPoint PS/2 Mouse Filter Driver / L8042mou][Stopped/Manual Start]
  <system32\DRIVERS\L8042mou.Sys><Logitech, Inc.>
[Logitech SetPoint HID Mouse Filter Driver / LHidKe][Running/Manual Start]
  <system32\DRIVERS\LHidKE.Sys><Logitech, Inc.>
[Logitech SetPoint USB Receiver device driver / LHidUsbK][Running/Manual Start]
  <System32\Drivers\LHidUsbK.Sys><Logitech, Inc.>
[Logitech SetPoint Mouse Filter Driver / LMouKE][Running/Manual Start]
  <system32\DRIVERS\LMouKE.Sys><Logitech, Inc.>
[MEMSCAN / MEMSCAN][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><Beijing Rising Technology Co., Ltd.>
[MidiSyn / MidiSyn][Stopped/Manual Start]
  <system32\drivers\MidiSyn.sys><Analog Devices Inc>
[mProcRs / mProcRs][Running/Auto Start]
  <\??\c:\program files\rising\rfw\mProcRs.sys><Beijing Rising Technology Co., Ltd.>
[mspcidrv / mspcidrv][Stopped/System Start]
  <system32\DRIVERS\mspcidrv.sys><N/A>
[mxdispdr / mxdispdr][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\mxdispdr.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\qq\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\qq\npkycryp.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PM5 Environment Driver (pe3al72b) / pe3al72b][Running/Boot Start]
  <\SystemRoot\system32\drivers\pe3al72b.sys><T-Time Technology>
[Pen Class / PenClass][Running/Boot Start]
  <\SystemRoot\system32\Drivers\PenClass.sys><Wacom Technology Corporation>
[PM5 Synchronization Driver (ps6al72b) / ps6al72b][Running/Boot Start]
  <\SystemRoot\system32\drivers\ps6al72b.sys><T-Time Technology>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[SmartCard Reader Device  / Reader_Device][Running/Manual Start]
  <system32\DRIVERS\usbic2k.sys><OEM>
[RsFwDrv / RsFwDrv][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS][Running/Auto Start]
  <\??\C:\Program Files\Rising\Rav\RSPPSYS.sys><Rising>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SFI Service / sf][Running/System Start]
  <system32\drivers\sf.sys><Sonic Focus, Inc>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start]
  <\SystemRoot\System32\drivers\sfsync02.sys><Protection Technology>
[Intel (R) System Managment BIOS Service / SMBios][Running/Manual Start]
  <system32\DRIVERS\SMBios.sys><Intel Corporation>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[vax347b / vax347b][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\vax347b.sys><>
[vax347s / vax347s][Running/Boot Start]
  <\SystemRoot\System32\Drivers\vax347s.sys><>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[VIMICRO USB PC Camera (ZC0301PLH) / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><Vimicro Corporation>

正在运行的进程
[PID: 656 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 736 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\winlib0.dll]  [N/A, ]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\msplrct.dll]  [N/A, ]
[PID: 780 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 792 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 960 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1028 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1124 / SYSTEM][C:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 1140 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [F:\oracle\ora92\bin\oci.dll]  [Oracle Corporation, 9.2.0.1.0]
[PID: 1232 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1304 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1324 / SYSTEM][C:\Program Files\Rising\Rav\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 49]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [C:\Program Files\Rising\Rav\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [C:\Program Files\Rising\Rav\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\psapi.dll]  [Microsoft Corporation, 4.00]
    [C:\Program Files\Rising\Rav\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [C:\Program Files\Rising\Rav\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 14]
    [C:\Program Files\Rising\Rav\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\Program Files\Rising\Rav\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [C:\Program Files\Rising\Rav\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [C:\Program Files\Rising\Rav\SpamEng.dll]  [, 18, 0, 0, 6]
    [C:\Program Files\Rising\Rav\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [C:\Program Files\Rising\Rav\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [C:\Program Files\Rising\Rav\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 84]
    [C:\Program Files\Rising\Rav\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 36]
    [C:\Program Files\Rising\Rav\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [C:\Program Files\Rising\Rav\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [C:\Program Files\Rising\Rav\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [C:\Program Files\Rising\Rav\ScanPack.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 24]
    [C:\Program Files\Rising\Rav\RsVM.dll]  [, 19, 0, 0, 22]
    [C:\Program Files\Rising\Rav\Uroutine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 57]
    [C:\Program Files\Rising\Rav\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\Program Files\Rising\Rav\Uscript.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[PID: 1384 / SYSTEM][c:\program files\rising\rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 35]
    [c:\program files\rising\rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 3]
    [c:\program files\rising\rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 2]
    [c:\program files\rising\rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 10]
    [c:\program files\rising\rfw\psapi.dll]  [Microsoft Corporation, 4.00]
    [c:\program files\rising\rfw\MonDrv.dll]  [rs, 1, 0, 0, 4]
    [c:\program files\rising\rfw\ProcLib.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5]
    [c:\program files\rising\rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[PID: 1616 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\hpzsnt09.dll]  [HP, 2.236.1.0]
    [C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.1897.0]
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  [Windows (R) 2000 DDK provider, 5.00.2195.1620]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1668 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1712 / SYSTEM][C:\Program Files\Rising\Rav\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1964 / Gloria][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\WINDOWS\system32\shdocvw32.dll]  [Microsoft Corporation, 6.00.3790.2783 ]
    [C:\WINDOWS\system32\LYMANGR.DLL]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\SHQMANGR.DLL]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [D:\常用程序\迅雷\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\PROGRA~1\srui\fehv.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\srui\kjma.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Thunder Network\ThunderMini\ComDlls\XunLeiMiniBHO_002.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 2]
    [C:\Program Files\Infofo Bar\infofobar.dll]  [珊瑚虫工作室 泰格工作室, 1, 0, 0, 0]
    [C:\WINDOWS\system32\mp3infp.dll]  [win32lab.com, 2.54.5.0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
[PID: 244 / Gloria][c:\program files\rising\rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 72]
    [c:\program files\rising\rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [c:\program files\rising\rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [c:\program files\rising\rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [c:\program files\rising\rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [c:\program files\rising\rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
[PID: 600 / Gloria][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]

[PID: 460 / Gloria][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
    [C:\Program Files\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [C:\PROGRA~1\srui\fehv.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\srui\kjma.dll]  [ , 1, 0, 0, 6]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
[PID: 636 / Gloria][C:\Program Files\Ringz Studio\Storm Downloader\StormDownloader.exe]  [深圳市三代科技开发有限公司, 1, 1, 0, 4]
    [C:\Program Files\Ringz Studio\Storm Downloader\boost_thread-vc6-mt-1_31.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 704 / Gloria][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3018]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\PROGRA~1\srui\fehv.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\srui\kjma.dll]  [ , 1, 0, 0, 6]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 1192 / Gloria][C:\Program Files\GAOV\Mysee Alert\Mysee Alert.exe]  [Beijing Gaov Inc., 1, 0, 1, 15]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\PROGRA~1\srui\fehv.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\srui\kjma.dll]  [ , 1, 0, 0, 6]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 1416 / Gloria][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  [Analog Devices, Inc., 4, 0, 4, 11]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 1468 / Gloria][C:\Program Files\Thunder Network\ThunderMini\program\ThunderMini.exe]  [Thunder Networking Technologies,LTD, 2, 0, 1, 30]
    [C:\Program Files\Thunder Network\ThunderMini\program\download_interface.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\ThunderMini\program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 6]
    [C:\Program Files\Thunder Network\ThunderMini\Components\InMedia\iEmbedShell.dll]  [　, 1, 0, 0, 6]
    [D:\常用程序\迅雷\Components\InMedia\iEmbed04.dll]  [　, 2, 3, 0, 37]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 1476 / Gloria][C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe]  [Sun Microsystems, Inc., 5.0.90.3]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1660 / Gloria][C:\WINDOWS\system32\SafeSignCertReg.exe]  [A.E.T. Europe B.V., 2.0.0.2]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
[PID: 1844 / Gloria][C:\WINDOWS\VM303_STI.EXE]  [Vimicro, 4, 3, 625, 61]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\PROGRA~1\srui\fehv.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\srui\kjma.dll]  [ , 1, 0, 0, 6]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
[PID: 236 / Gloria][C:\Program Files\ngsrv\ep2k_certd.exe]  [, 1, 0, 5, 1222]
    [C:\WINDOWS\system32\ep2pk11.dll]  [^_^, 1, 1, 5, 1221]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\PROGRA~1\srui\fehv.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\srui\kjma.dll]  [ , 1, 0, 0, 6]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
[PID: 356 / Gloria][C:\Program Files\StarSec\ssMgr_ccb.exe]  [, 1, 0, 5, 1026]
    [C:\WINDOWS\system32\SSP11_CCB.dll]  [GDChina, 1, 0, 0, 2]
    [C:\WINDOWS\system32\679D9F74.DLL]  [Microsoft Corporation, ]
    [C:\Program Files\Unlocker\UnlockerHook.dll]  [N/A, ]
    [C:\PROGRA~1\srui\fehv.dll]  [, 1, 0, 0, 6]
    [C:\PROGRA~1\srui\kjma.dll]  [ , 1, 0, 0, 6]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DiskMan32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[D:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[E:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[F:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 736, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 792, C:\WINDOWS\SYSTEM32\LSASS.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1140, C:\WINDOWS\SYSTEM32\SVCHOST.EXE]
特殊特权被允许： SeSystemtimePrivilege [PID = 1140, C:\WINDOWS\SYSTEM32\SVCHOST.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1616, C:\WINDOWS\SYSTEM32\SPOOLSV.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 600, C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 600, C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 460, C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 460, C:\PROGRAM FILES\RISING\RAV\RAVMON.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 636, C:\PROGRAM FILES\RINGZ STUDIO\STORM DOWNLOADER\STORMDOWNLOADER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 636, C:\PROGRAM FILES\RINGZ STUDIO\STORM DOWNLOADER\STORMDOWNLOADER.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 704, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 704, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1192, C:\PROGRAM FILES\GAOV\MYSEE ALERT\MYSEE ALERT.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1192, C:\PROGRAM FILES\GAOV\MYSEE ALERT\MYSEE ALERT.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1416, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1416, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1468, C:\PROGRAM FILES\THUNDER NETWORK\THUNDERMINI\PROGRAM\THUNDERMINI.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1468, C:\PROGRAM FILES\THUNDER NETWORK\THUNDERMINI\PROGRAM\THUNDERMINI.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1476, C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1476, C:\PROGRAM FILES\JAVA\JRE1.5.0_09\BIN\JUSCHED.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1660, C:\WINDOWS\SYSTEM32\SAFESIGNCERTREG.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1660, C:\WINDOWS\SYSTEM32\SAFESIGNCERTREG.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1844, C:\WINDOWS\VM303_STI.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1844, C:\WINDOWS\VM303_STI.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 236, C:\PROGRAM FILES\NGSRV\EP2K_CERTD.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 236, C:\PROGRAM FILES\NGSRV\EP2K_CERTD.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 356, C:\PROGRAM FILES\STARSEC\SSMGR_CCB.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 356, C:\PROGRAM FILES\STARSEC\SSMGR_CCB.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 332, C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 332, C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 364, C:\WINDOWS\IGM.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 364, C:\WINDOWS\IGM.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 480, C:\WINDOWS\SYSTEM32\CTFMON.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 480, C:\WINDOWS\SYSTEM32\CTFMON.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 1256, C:\WINDOWS\SYSTEM32\WTABLET\TABUSERW.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 1256, C:\WINDOWS\SYSTEM32\WTABLET\TABUSERW.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3312, C:\PROGRAM FILES\NGSRV\NGSLOTD.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3328, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3420, C:\PROGRAM FILES\STARSEC\PLUGSERVER.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3628, C:\WINDOWS\SYSTEM32\SVCHOST.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3644, C:\WINDOWS\SYSTEM32\TABLET.EXE]
特殊特权被允许： SeDebugPrivilege [PID = 3700, C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3700, C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

太多了真不好意思……我想重装系统来着……奈何光驱坏了读不了启动盘……电脑又要急用……555555